OpenStack / Cloud / Virtualizaton / Linux

What the Heck is a Linux Container, and Who the Hell is Docker?

A Linux Container is an Operating System level virtualization method for running isolated Linux environments on a single base install of Linux. Linux containers are not virtual machines, rather they are isolated virtual environments with dedicated CPU, memory, I/O, and network. One can think of a Linux Container as a light, virtual OS instance. At first glance one hearkens back to the time of Solaris Containers, but there is a lot more going on here then first meets the eye, especially when we throw Docker in the mix.

But first, lets focus on Linux Containers…

The technologies behind Linux Containers are Control Groups and Name Spaces. Control Groups manage and monitor resource allocation for processes and process groups such as CPU, Memory, and I/O. Name Spaces help isolate processes, in something akin to a chrooted environment, making processes running within them invisible to other processes in other Name Spaces.

So why would you possibly want to run a Linux Container?

Well for one you can consolidate multiple Linux servers into one Machine, therefor reducing the number of management points in your environment. Instead of having to patch 6 Virtual Machines, you now only have to patch one.

Linux Containers can also be used to quickly spin up sandbox environments for development and testing so that you no longer need to spin up a new VM for each individual project. As we all know, this is how we end up with Virtual Sprawl. You create someone a Virtual Machine, with the intention of reclaiming it after a short period of time and all of a sudden that Virtual Machine becomes a permanent fixture in your environment. In the case of Linux Containers, you just tear down the instance and toss it away.

Also, Linux Containers can be used to allow you to run multiple instances of the same application in parallel. Think of Apache virtual servers, running separately, independent and isolated from each other. Each with its own dedicated CPU, Memory, and I/O, and never stepping on each others toes.

Linux Containers also provide an added layer of security. Just because a Container on a server is compromised, it does not mean that any other local Containers, or the base system itself is compromised in the least.

Finally Linux Containers are efficient. First and foremost, they boot faster than traditional Virtual Machines. They also offer better performance over Virtual Machines as there is no hardware abstraction layer in the form of a hypervisor.

So what is Docker then, you ask? Docker is an open source project that streamlines the deployment of an application (or OS) inside a Linux Container. Its designed to make the creation and management of Linux Containers simple as Docker can create and share disk images with ease.

Here are just a few of the images available from the Docker Hub.

Apache CouchDB

PostgreSQL

Memcached

Mongo DB

NGINX

Mysql

WordPress

Centos

Ubuntu

Whats amazing is that any dockerized image can run on any machine that is running docker. Imagine an Ubuntu docker image running on Centos. Weird huh?

Have yourself a perfect OS image for your in-house java app? How about you dockerize that and use Docker as a revision control system for your application/OS. Sounds interesting, doesn't it.

I have heard it said that Docker is not just Platform as a Service (PAAS) , its possibly could be much more than that. Right now Docker only works with Linux Containers, but imagine if it worked with KVM or Xen.